0

I am trying to port a Weblogic environment from Oracle to PostgreSQL. When I configure a domain with the security store on PostgreSQL, it fails to start.

Weblogic 12c, Java 7, PostgreSQL 9.3.4 here on Mac OS X but same problem on Linux.

The domain was created with the security store datasource as PostgreSQL (option available in the drop-down), properly configured.

The schema was created based on the Derby schema by replacing the BLOB with BYTEA.

startWeblogic gives:

<Aug 7, 2014 5:48:02 PM CEST> <Warning> <Security> <BEA-090076> <A failure occurred attempting to load LDIF for provider Authorizer from file /Users/darcher/Dev/wls/wlserver/server/lib/XACMLAuthorizerInit.ldift.>
<Aug 7, 2014 5:48:02 PM CEST> <Error> <Security> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file /Users/darcher/Dev/wls/wlserver/server/lib/XACMLAuthorizerInit.ldift..
weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file /Users/darcher/Dev/wls/wlserver/server/lib/XACMLAuthorizerInit.ldift.
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:466)
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:841)
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(CommonSecurityServiceManagerDelegateImpl.java:870)
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1032)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
    Truncated. see log file for complete stacktrace
Caused By: com.bea.common.engine.ServiceInitializationException: weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file /Users/darcher/Dev/wls/wlserver/server/lib/XACMLAuthorizerInit.ldift.
    at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
    at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
    at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
    at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
    at weblogic.security.service.CSSWLSDelegateImpl.getService(CSSWLSDelegateImpl.java:155)
    Truncated. see log file for complete stacktrace
Caused By: weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file /Users/darcher/Dev/wls/wlserver/server/lib/XACMLAuthorizerInit.ldift.
    at com.bea.common.store.bootstrap.internal.BootStrapServiceImpl.loadFullLDIFTemplate(BootStrapServiceImpl.java:910)
    at com.bea.common.store.bootstrap.internal.BootStrapServiceImpl.loadLDIFTemplate(BootStrapServiceImpl.java:688)
    at com.bea.common.store.bootstrap.internal.BootStrapServiceImpl.loadLDIFXACMLAuthorizerTemplate(BootStrapServiceImpl.java:176)
    at com.bea.common.store.bootstrap.internal.BootStrapServiceImpl.loadLDIFXACMLAuthorizerTemplate(BootStrapServiceImpl.java:160)
    at com.bea.common.security.internal.service.BootStrapServiceImpl.loadLDIFXACMLAuthorizerTemplate(BootStrapServiceImpl.java:106)
    Truncated. see log file for complete stacktrace
Caused By: <openjpa-1.1.1-SNAPSHOT-r422266:957329 fatal store error> kodo.jdo.FatalDataStoreException: The transaction has been rolled back.  See the nested exceptions for details on the errors that occurred.
    at org.apache.openjpa.kernel.BrokerImpl.newFlushException(BrokerImpl.java:2170)
    at org.apache.openjpa.kernel.BrokerImpl.flush(BrokerImpl.java:2017)
    at org.apache.openjpa.kernel.BrokerImpl.flushSafe(BrokerImpl.java:1915)
    at org.apache.openjpa.kernel.BrokerImpl.beforeCompletion(BrokerImpl.java:1833)
    at org.apache.openjpa.kernel.LocalManagedRuntime.commit(LocalManagedRuntime.java:81)
    Truncated. see log file for complete stacktrace
Caused By: <openjpa-1.1.1-SNAPSHOT-r422266:957329 nonfatal store error> kodo.jdo.DataStoreException: Batch entry 0 INSERT INTO BEAXACMLAP (DOMN, REALMN, TYPEN, CN, XVER, CTS, WCN, WCI, WXF, XD, XS, MTS) VALUES ('lxrccn', 'myrealm', 'Policies', 'urn:bea:xacml:2.0:entitlement:resource:type@E@Fmbean@G', '1.0', NULL, NULL, NULL, NULL, ?, '3', '2014-08-07 17:48:02.600000 +02:00:00') was aborted.  Call getNextException to see the cause. {prepstmnt 1242995387 INSERT INTO BEAXACMLAP (DOMN, REALMN, TYPEN, CN, XVER, CTS, WCN, WCI, WXF, XD, XS, MTS) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) [params=(String) lxrccn, (String) myrealm, (String) Policies, (String) urn:bea:xacml:2.0:entitlement:resource:type@E@Fadm@G, (String) 1.0, (null) null, (null) null, (null) null, (null) null, (byte[]) [B@4f719938, (String) 3, (Timestamp) 2014-08-07 17:48:02.6] [reused=0]} [code=0, state=42501]
FailedObject: [cn=urn:bea:xacml:2.0:entitlement:resource:type@E@Fmbean@G,xacmlVersion=1.0,typeName=Policies,realm=myrealm,domain=lxrccn] [java.util.LinkedList]
    at org.apache.openjpa.jdbc.sql.DBDictionary.narrow(DBDictionary.java:4207)
    at org.apache.openjpa.jdbc.sql.DBDictionary.newStoreException(DBDictionary.java:4171)
    at org.apache.openjpa.jdbc.sql.SQLExceptions.getStore(SQLExceptions.java:102)
    at org.apache.openjpa.jdbc.sql.SQLExceptions.getStore(SQLExceptions.java:72)
    at kodo.jdbc.kernel.BatchingPreparedStatementManager.executeBatch(BatchingPreparedStatementManager.java:304)
    Truncated. see log file for complete stacktrace
Caused By: org.apache.openjpa.lib.jdbc.ReportingSQLException: Batch entry 0 INSERT INTO BEAXACMLAP (DOMN, REALMN, TYPEN, CN, XVER, CTS, WCN, WCI, WXF, XD, XS, MTS) VALUES ('lxrccn', 'myrealm', 'Policies', 'urn:bea:xacml:2.0:entitlement:resource:type@E@Fmbean@G', '1.0', NULL, NULL, NULL, NULL, ?, '3', '2014-08-07 17:48:02.600000 +02:00:00') was aborted.  Call getNextException to see the cause. {prepstmnt 1242995387 INSERT INTO BEAXACMLAP (DOMN, REALMN, TYPEN, CN, XVER, CTS, WCN, WCI, WXF, XD, XS, MTS) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) [params=(String) lxrccn, (String) myrealm, (String) Policies, (String) urn:bea:xacml:2.0:entitlement:resource:type@E@Fadm@G, (String) 1.0, (null) null, (null) null, (null) null, (null) null, (byte[]) [B@4f719938, (String) 3, (Timestamp) 2014-08-07 17:48:02.6] [reused=0]} [code=0, state=42501]
    at org.apache.openjpa.lib.jdbc.LoggingConnectionDecorator.wrap(LoggingConnectionDecorator.java:192)
    at org.apache.openjpa.lib.jdbc.LoggingConnectionDecorator.access$700(LoggingConnectionDecorator.java:57)
    at org.apache.openjpa.lib.jdbc.LoggingConnectionDecorator$LoggingConnection$LoggingPreparedStatement.executeBatch(LoggingConnectionDecorator.java:912)
    at org.apache.openjpa.lib.jdbc.DelegatingPreparedStatement.executeBatch(DelegatingPreparedStatement.java:244)
    at org.apache.openjpa.lib.jdbc.DelegatingPreparedStatement.executeBatch(DelegatingPreparedStatement.java:244)
    Truncated. see log file for complete stacktrace
>

The failed "INSERT INTO BEAXACMLAP" that contains several BYTEA fields leads me to believe that the BLOB handling of Weblogic for PostgreSQL is broken.

Is running the security store on PostgreSQL at all possible ? Maybe with some creation script tweaking ?

Eric Darchis
  • 153
  • 1
  • 7
  • 1
    Unfortunately the most useful part of the exception is hidden, because a batch was used, and the wrapped exception wasn't examined with `getNextException`. (Whoever designed that API ... grr!). I suggest examining PostgreSQL's server error log, probably after setting `log_statement = 'all'`, it'll show you more useful info. – Craig Ringer Aug 13 '14 at 12:42
  • That helped indeed. The error was `error: permission denied for relation ...` which lead me to the fact that the owner of the tables was the user for Weblogic. User changed, issue solved. I now have a different issue but I've already fixed that one in the past. Feel free to make an answer and I'll accept it. – Eric Darchis Aug 13 '14 at 13:42

1 Answers1

1

Unfortunately the most useful part of the exception is hidden, because a batch was used, and the wrapped exception wasn't examined with getNextException. It might not be easy to capture that, since you didn't write the code.

I suggest examining PostgreSQL's server error log, probably after setting log_statement = 'all', it'll show you more useful info, hopefully including the real cause of the problem.

(As noted in comments, it turned out to be a permissions issue).

Craig Ringer
  • 11,083
  • 9
  • 40
  • 61
  • I had `error: permission denied for relation ...` because I had created the schema with `psql wls` rather than `psql -U wls wls` – Eric Darchis Aug 13 '14 at 14:32